Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
File:                     lQPIUJD5zC4inTj96rrmJlCL3rg.mft (raw, json)
Hash identifier:          b2Rhytj/JwAfAOgmQaeGh7KUzVQjuXA+zYEDylB9Bx0=
Subject key identifier:   31:56:14:59:D2:76:0D:8B:AF:6C:72:96:7C:B5:25:9B:CF:68:0A:D2
Authority key identifier: 95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8
Certificate issuer:       /CN=9503c85090f9cc2e229d38fdeabae626508bdeb8
Certificate serial:       0197481E106216AF70BA290067B358103F07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
Manifest number:          029D
Signing time:             Sat 07 Jun 2025 02:00:18 +0000
Manifest this update:     Sat 07 Jun 2025 02:00:18 +0000
Manifest next update:     Sun 08 Jun 2025 02:00:18 +0000
Files and hashes:         1: lQPIUJD5zC4inTj96rrmJlCL3rg.crl (hash: y7zJvAV6tM1X37nqx2GwHXrZ3S/UakdPwvC3Su1/LJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 02:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:1e:10:62:16:af:70:ba:29:00:67:b3:58:10:3f:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9503c85090f9cc2e229d38fdeabae626508bdeb8
        Validity
            Not Before: Jun  7 02:00:18 2025 GMT
            Not After : Jun  8 02:00:18 2025 GMT
        Subject: CN=31561459d2760d8baf6c72967cb5259bcf680ad2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a8:ed:26:d2:f9:e8:66:9f:ba:13:4d:39:a8:
                    ac:3c:00:fa:c9:3c:44:51:55:b8:7b:91:9b:42:bc:
                    74:3b:e7:d1:46:6e:9b:99:92:af:5b:43:25:7b:1b:
                    32:7d:d1:5c:1e:d7:ce:e0:49:99:6d:a4:e5:91:6c:
                    55:99:4a:de:5a:c0:b4:e5:75:3b:5b:ab:f8:d1:d8:
                    ea:b8:48:f3:d5:54:45:85:fa:cc:67:55:80:6e:44:
                    e7:16:17:4a:e6:6a:b3:67:c8:5f:09:04:f6:70:91:
                    d3:3a:7e:3a:9c:b6:1c:dc:70:19:4e:b8:5a:cf:44:
                    dc:12:44:9b:a1:e5:bf:24:d6:c4:1e:09:5a:39:41:
                    c2:12:ed:ba:83:35:d6:2e:7e:c6:51:99:4d:d9:9d:
                    94:9d:d2:e9:65:4a:1a:5b:a4:96:4d:e1:e1:f9:4b:
                    59:70:aa:c7:da:50:f2:27:6e:b7:d5:00:61:6d:5c:
                    73:4c:b3:c0:cf:47:c3:b4:e8:0c:ee:33:7f:d0:80:
                    48:34:ac:2c:7c:34:e8:13:4c:24:6d:ce:0b:01:64:
                    16:ef:09:5b:ad:5c:e0:e9:75:da:4f:38:f1:ad:cf:
                    f6:75:80:70:7b:e4:c0:0b:b8:e0:64:2e:3e:d3:ae:
                    c6:7e:f4:41:18:2e:dc:aa:9d:15:1d:38:9c:bb:bb:
                    fc:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:56:14:59:D2:76:0D:8B:AF:6C:72:96:7C:B5:25:9B:CF:68:0A:D2
            X509v3 Authority Key Identifier:
                keyid:95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:0c:27:df:c0:a0:8a:73:6a:4e:af:59:9d:ab:27:f2:65:c9:
         57:dc:5d:c8:c1:3d:e6:9e:70:11:e6:33:4c:2c:02:16:fd:57:
         f2:c9:81:e7:af:7b:cd:b8:26:f7:44:02:b0:1b:cd:8d:f1:d3:
         f5:ef:b6:00:93:76:b5:37:de:00:fe:48:3d:79:3b:e1:ff:cf:
         de:43:36:6a:2d:d2:2d:2a:61:83:0b:b7:d2:0a:71:05:1f:38:
         e4:6d:c4:ec:1a:7b:24:f9:41:5e:b6:6d:a2:91:96:d3:1e:06:
         3e:9d:11:8d:38:bd:6d:da:17:a0:05:8e:75:a1:4a:22:43:14:
         15:e4:81:3c:88:b3:0b:8e:54:c3:1d:57:5d:e8:69:f8:29:fb:
         49:29:b3:98:2a:e1:e6:16:52:3c:18:a9:a4:5b:23:3d:d5:00:
         02:ee:66:6f:d3:f9:de:c9:25:78:10:de:56:95:d0:81:ab:77:
         bf:d6:7f:60:c9:f7:1b:20:9f:0b:6e:de:0c:a6:4e:3b:9a:a5:
         58:97:e8:8f:f1:51:c3:30:5f:ba:99:62:2a:71:b8:c1:20:99:
         26:76:18:eb:b1:af:e4:45:47:b4:d6:07:3b:f9:61:8e:10:6e:
         72:70:a8:78:ca:a2:97:9e:99:5e:bf:6f:14:ab:2d:17:29:7f:
         07:7b:44:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIHhBiFq9wuikAZ7NYED8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDNjODUwOTBmOWNjMmUyMjlkMzhmZGVhYmFlNjI2NTA4
YmRlYjgwHhcNMjUwNjA3MDIwMDE4WhcNMjUwNjA4MDIwMDE4WjAzMTEwLwYDVQQD
EygzMTU2MTQ1OWQyNzYwZDhiYWY2YzcyOTY3Y2I1MjU5YmNmNjgwYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtajtJtL56GafuhNNOaisPAD6yTxE
UVW4e5GbQrx0O+fRRm6bmZKvW0MlexsyfdFcHtfO4EmZbaTlkWxVmUreWsC05XU7
W6v40djquEjz1VRFhfrMZ1WAbkTnFhdK5mqzZ8hfCQT2cJHTOn46nLYc3HAZTrha
z0TcEkSboeW/JNbEHglaOUHCEu26gzXWLn7GUZlN2Z2UndLpZUoaW6SWTeHh+UtZ
cKrH2lDyJ2631QBhbVxzTLPAz0fDtOgM7jN/0IBINKwsfDToE0wkbc4LAWQW7wlb
rVzg6XXaTzjxrc/2dYBwe+TAC7jgZC4+067GfvRBGC7cqp0VHTicu7v8FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDFWFFnSdg2Lr2xylny1JZvPaArSMB8GA1UdIwQY
MBaAFJUDyFCQ+cwuIp04/eq65iZQi964MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUt
ZjBkZDg3OWFlNTNhLzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUtZjBkZDg3OWFlNTNh
LzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApwwn38Cg
inNqTq9Znasn8mXJV9xdyME95p5wEeYzTCwCFv1X8smB5697zbgm90QCsBvNjfHT
9e+2AJN2tTfeAP5IPXk74f/P3kM2ai3SLSphgwu30gpxBR845G3E7Bp7JPlBXrZt
opGW0x4GPp0RjTi9bdoXoAWOdaFKIkMUFeSBPIizC45Uwx1XXehp+Cn7SSmzmCrh
5hZSPBippFsjPdUAAu5mb9P53skleBDeVpXQgat3v9Z/YMn3GyCfC27eDKZOO5ql
WJfoj/FRwzBfupliKnG4wSCZJnYY67Gv5EVHtNYHO/lhjhBucnCoeMqil56ZXr9v
FKstFyl/B3tEEA==
-----END CERTIFICATE-----